CVE-2007-3504

Directory traversal vulnerability in the PersistenceService in Sun Java Web Start in JDK and JRE 5.0 Update 11 and earlier, and Java Web Start in SDK and JRE 1.4.213 and earlier, for Windows allows remote attackers to perform unauthorized actions via an application that grants file overwrite...

CVE-2007-3504

Directory traversal vulnerability in the PersistenceService in Sun Java Web Start in JDK and JRE 5.0 Update 11 and earlier, and Java Web Start in SDK and JRE 1.4.213 and earlier, for Windows allows remote attackers to perform unauthorized actions via an application that grants file overwrite...

CVE-2007-3225

Unspecified vulnerability in Sun Java System Directory Server slapd 6.0, and 5.2 with Patch 3 or 4, allows remote attackers to modify certain data via unknown vectors...

Code injection

Unspecified vulnerability in Sun Java System Directory Server slapd 6.0, and 5.2 with Patch 3 or 4, allows remote attackers to modify certain data via unknown vectors...

CVE-2007-3225

Sun Java System Directory Server (slapd) 6.0 and 5.2 with Patch 3 or 4 are affected by CVE-2007-3225. The vulnerability allows remote attackers to modify certain data via unknown vectors. The available documents do not specify the exact component/function/file/root cause, nor provide a confirmed ...

CVE-2007-3225

Unspecified vulnerability in Sun Java System Directory Server slapd 6.0, and 5.2 with Patch 3 or 4, allows remote attackers to modify certain data via unknown vectors...

Solaris 5.8 (x86) : 120982-18

Sun Java System Web Proxy Server 4.0.11, x86 SVR4 patch: Mainte. Date this patch was last updated by Sun : Aug/04/09 %NASLMINLEVEL 999999 @DEPRECATED@ This script has been deprecated as the associated patch is not currently a recommended security fix. Disabled on 2011/09/17. C Tenable Network...

Solaris 5.10 (x86) : 120982-18

Sun Java System Web Proxy Server 4.0.11, x86 SVR4 patch: Mainte. Date this patch was last updated by Sun : Aug/04/09 %NASLMINLEVEL 70300 @DEPRECATED@ This script has been deprecated as the associated patch is not currently a recommended security fix. Disabled on 2011/09/17. C Tenable Network...

Solaris 5.8 (sparc) : 120981-18

Sun Java System Web Proxy Server 4.0.11, Solaris SVR4 patch: Mai. Date this patch was last updated by Sun : Aug/04/09 %NASLMINLEVEL 999999 @DEPRECATED@ This script has been deprecated as the associated patch is not currently a recommended security fix. Disabled on 2011/09/17. C Tenable Network...

Sun Java JRE Image Parsing Vulnerabilities (102934)

According to its version number, the Sun Java Runtime Environment JRE installed on the remote host reportedly is affected by a buffer overflow in its image processing code as well as another issue that may cause the Java Virtual Machine to hang. %NASLMINLEVEL 70300 C Tenable Network Security, Inc...

[ GLSA 200705-23 ] Sun JDK/JRE: Multiple vulnerabilities

Gentoo Linux Security Advisory GLSA 200705-23 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - http://security.gentoo.org/ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Severity:...

Sun JDK/JRE: Multiple vulnerabilities

Background The Sun Java Development Kit JDK and the Sun Java Runtime Environment JRE provide the Sun Java platform. Description An unspecified vulnerability involving an "incorrect use of system classes" was reported by the Fujitsu security team. Additionally, Chris Evans from the Google Security...

CVE-2007-2904

Cross-site scripting XSS vulnerability in Sun Java System Messaging Server 6.0 through 6.3, when Internet Explorer is used, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, possibly a related issue to CVE-2006-5653...

Cross site scripting

Cross-site scripting XSS vulnerability in Sun Java System Messaging Server 6.0 through 6.3, when Internet Explorer is used, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, possibly a related issue to CVE-2006-5653...

CVE-2007-2904

Sun Java System Messaging Server 6.0–6.3 is affected by CVE-2007-2904, a cross-site scripting (XSS) vulnerability exploitable via unspecified vectors when using Internet Explorer. The issue allows remote attackers to inject arbitrary web script or HTML. The vulnerability is related to CVE-2006-56...

CVE-2007-2904

Cross-site scripting XSS vulnerability in Sun Java System Messaging Server 6.0 through 6.3, when Internet Explorer is used, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, possibly a related issue to CVE-2006-5653...

Sun Java System Web Proxy Server fails to properly process malformed packets

Overview A vulnerability in the way Sun Java System Web Proxy Server processes malformed packets may allow execution of arbitrary code. Description SOCKS is a network protocol that provides a framework that allows client-server applications to securely use network firewall services. A vulnerabili...

Sun Java System Web Proxy sockd buffer overflow

Added: 05/30/2007 CVE: CVE-2007-2881 BID: 24165 OSVDB: 35841 Background The Sun Java System Web Proxy Server formerly Sun ONE Web Proxy Server provides content filtering and caching capabilities. It is a companion product to the Sun Java System Web Server. Problem A buffer overflow vulnerability ...

Sun Java System Web Proxy sockd buffer overflow

Added: 05/30/2007 CVE: CVE-2007-2881 BID: 24165 OSVDB: 35841 Background The Sun Java System Web Proxy Server formerly Sun ONE Web Proxy Server provides content filtering and caching capabilities. It is a companion product to the Sun Java System Web Server. Problem A buffer overflow vulnerability ...

Sun Java System Web Proxy sockd buffer overflow

Added: 05/30/2007 CVE: CVE-2007-2881 BID: 24165 OSVDB: 35841 Background The Sun Java System Web Proxy Server formerly Sun ONE Web Proxy Server provides content filtering and caching capabilities. It is a companion product to the Sun Java System Web Server. Problem A buffer overflow vulnerability ...